scholarly journals Information-Flow Analysis of Android Applications in DroidSafe

2015 ◽  
Author(s):  
Michael I. Gordon ◽  
Deokhwan Kim ◽  
Jeff Perkins ◽  
Limei Gilham ◽  
Nguyen Nguyen ◽  
...  
Keyword(s):  
Information Flow ◽  
Flow Analysis ◽  
Information Flow Analysis ◽  
Android Applications

scholarly journals A permission-dependent type system for secure information flow analysis

2021 ◽  
pp. 1-68
Author(s):  
Zhiwu Xu ◽  
Hongxu Chen ◽  
Alwen Tiu ◽  
Yang Liu ◽  
Kunal Sareen
Keyword(s):  
Information Flow ◽  
Flow Analysis ◽  
Type System ◽  
Information Leakage ◽  
Inference Problem ◽  
Ordered Binary Decision Diagrams ◽  
Information Flow Analysis ◽  
Secure Information ◽  
Android Applications ◽  
Android Permission

We introduce a novel type system for enforcing secure information flow in an imperative language. Our work is motivated by the problem of statically checking potential information leakage in Android applications. To this end, we design a lightweight type system featuring Android permission model, where the permissions are statically assigned to applications and are used to enforce access control in the applications. We take inspiration from a type system by Banerjee and Naumann to allow security types to be dependent on the permissions of the applications. A novel feature of our type system is a typing rule for conditional branching induced by permission testing, which introduces a merging operator on security types, allowing more precise security policies to be enforced. The soundness of our type system is proved with respect to non-interference. A type inference algorithm is also presented for the underlying security type system, by reducing the inference problem to a constraint solving problem in the lattice of security types. In addition, a new way to represent our security types as reduced ordered binary decision diagrams is proposed.

scholarly journals Method and Application of Operational Architecture Modeling Based on Information Flow Analysis

2016 ◽  
Vol 4 (1) ◽  
pp. 40-55
Author(s):  
Yinghui Yang ◽  
Jianhua Li ◽  
Qingwei Meng ◽  
Mingli Nan
Keyword(s):  
Information Flow ◽  
Process Analysis ◽  
Flow Analysis ◽  
Modeling Framework ◽  
Operational Process ◽  
Information Flow Analysis ◽  
Modeling Process ◽  
Architecture Framework ◽  
Architecture Modeling ◽  
Operational Activity

Abstract To strengthen operational process analysis and normalize information requirements description in systemic operations based on information systems, a new operational architecture modeling method is proposed from the perspective of information flow analysis. An operational architecture modeling framework based on information flow analysis is established by referring to American department of defense architecture framework (DoDAF V2.0). Concepts of entities, relationships, attributes and mapping rules are defined. Operational activity model, operational nod model and information alternation model are constructed. Finally, aerial assault operation is taken as an example to demonstrate the modeling process. Simulation results show that operational process analysis is more refined and information requirement descriptions are more visible, normal and clear, which validate the feasibility and validity of the method and models.

Sign in / Sign up

Export Citation Format

Share Document